
It's about Tor!!!

This is my last blog for #develevate, and it's about Tor. Hope you will like it.

11 December, 2022


Let's talk a bit about Tor. I have researched Tor and found an overview of how Tor works. Tor was developed by the US Naval Research Laboratory. Tor uses onion routing; routing means forwarding the data. Tor is a browser, obviously, and it's open source. You can also contribute on GitHub, and maybe GitLab. It has participated in GSoC as The Tor Project.

In normal routing the client and server both know each other, but in onion routing they don't. An onion router can be any device across the Tor cloud; you can be one if your internet connection and network bandwidth are fair. Generally, the client and server are connected through these nodes and don't know each other. The basis of this is Diffie-Hellman key exchange. The data is also harder to track and hack as it bounces through the routers; if someone tries to compromise the data, it's impossible, because the destination and the data are not known. Onion routing got its name because the encryption layers are wrapped around the data like an onion. There are generally at least 3 nodes between you and the server, and the path is called a circuit. The client-side node is called the Guard node.

Figure: Tor Network

No one knows what's on there. In the following diagram, the hand-drawn pictures are like the interior of an onion, and there are three keys: k1, k2 and k3. The client knows all of these keys, but the server doesn't, nor do the routers. Each router is given its respective key: the first node knows k3, unlocks its layer and forwards the message to the second node, which knows k2, unlocks and forwards to the third node, which unlocks its layer and forwards to the server. This is like peeling an onion, and it's how general onion routing works. The problem is that someone can compromise the server side, which is known as eavesdropping. Therefore, there are hidden services, as in the above figure, and that makes it safer. As you can see, these keys are added, so you might think the length of the message will increase, but fortunately it doesn't: every message uses a 512-byte-long key, which remains the same across the entire network.

Each onion router does multiple tasks. Take the second circle: it's the entry point, but it might be the exit node to another server, or it may be the relay node to another. A lot of traffic is going through these nodes. There is no anonymity on the server side if, as I said earlier, "eavesdropping" happens. Also, someone might get the data by traffic analysis, but it's way harder to do.

Figure: onion routing
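
The layer peeling described above, as an added example (not code from the original post): a toy Python model in which the client wraps a message under k1, k2 and k3 and each node removes one layer while the message length stays fixed. The SHA-256 keystream, the padding format, the 512-byte size and all function names are assumptions for illustration, not Tor's actual cipher or message format.

```python
import hashlib
import os

CELL_LEN = 512  # assumed fixed message size, taken from the post's 512-byte figure

def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 over key + counter); stand-in for a real stream cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def xor_layer(key: bytes, data: bytes) -> bytes:
    """Add or remove one layer; XOR with the keystream is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))

def pad(message: bytes) -> bytes:
    """2-byte length prefix, then zero padding up to CELL_LEN (hypothetical format)."""
    if len(message) > CELL_LEN - 2:
        raise ValueError("message too long for one fixed-size cell")
    body = len(message).to_bytes(2, "big") + message
    return body + b"\x00" * (CELL_LEN - len(body))

def unpad(cell: bytes) -> bytes:
    n = int.from_bytes(cell[:2], "big")
    return cell[2:2 + n]

def client_wrap(message: bytes, k1: bytes, k2: bytes, k3: bytes) -> bytes:
    """The client knows all three keys: k1 is the innermost layer, k3 the outermost."""
    cell = pad(message)
    for key in (k1, k2, k3):
        cell = xor_layer(key, cell)
    return cell

def route(cell: bytes, node_keys: list[bytes]) -> list[bytes]:
    """Each node peels only its own layer; returns what every hop forwards."""
    forwarded = []
    for key in node_keys:
        cell = xor_layer(key, cell)
        forwarded.append(cell)
    return forwarded

def demo() -> tuple[bytes, list[bytes]]:
    k1, k2, k3 = (os.urandom(32) for _ in range(3))  # constructed sample keys
    onion = client_wrap(b"GET /index.html", k1, k2, k3)
    return onion, route(onion, [k3, k2, k1])  # first node holds k3, as in the post
```

Only the last hop's output unpads to the original message; what the first two nodes forward is still encrypted, and every hop carries exactly 512 bytes.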

Therefore, something called a Hidden Service (commonly known as the dark web) is introduced. As you see in the first picture, there is a hidden service, i.e. the server is placed inside the Tor cloud, and now the network is secure. The server doesn't know the client, but it knows when someone logs in (after the completion of a particular service). Let's refer to the following figure. At first, three routers are chosen at random; each of them, of course, has a particular IP address.

Figure: hidden services.

The chosen nodes are known as Introduction Points. The hidden service approaches them and asks permission, i.e. whether they would like to become introduction points or not. You might be wondering what "rp" is; that comes in the later part. After the introduction points are created, a Hidden Service descriptor is created. It includes the server's public key, generally for authentication purposes. As mentioned above, all of the IP addresses' information is taken over by the descriptor; the descriptor contains a distributed hash table (hashing is widely used and is a base for cryptography; if you read my 4th blog, you saw hash search there. Similarly, hashing takes an input, applies some kind of hash function to it, and a magical hash code is generated). The key for the hash function is known as the onion address, which is not publicly available; it's given by someone. With the onion address, the client connects to the descriptor and learns all the IP addresses of the IPs, then selects one and applies to the first introduction point. Wait, how will the client connect to the IP? Hold on to that. Then the typical onion routing happens and we get connected. If you look up this circuit in general, you will find the descriptor, which can't be decrypted in general.

So, now, what is "rp"? It is the rendezvous point. It's used as a verification point; generally, protected information like cookies and passwords is passed. The data is now encrypted from the client side. It sends that string of cookies or password there, then it sends the address of the client to one of the introduction points with the onion address, and the whole circuit is accessed. If the cookie is sent, the server may accept it, or pass on it if it has connected to the wrong server; if it's correct, then an ack is sent to the rendezvous point and the whole thing gets bridged.

So, there is anonymity on both the client and the server side. Of course, you can't hack the Tor cloud, and traffic analysis can't be done. The whole network or circuit is secured.

Hope you will like this blog. It may be a little overwhelming; if it is, then comment below and I will make separate blogs or a video on it. That's it.

Thanks :)

opensource

develevate

toolstipstricks


Tausiq Samantaray
Currently a CS student and learning web development.
